SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Slicing results in information loss, which could lead to abnormal program execution or denial-of-service attacks.

Rule

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

OOP51-CPP

Low

Probable

Medium

No

No

P4

P2

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.CAST.OBJSLICE

Object Slicing

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++3072
Parasoft C/C++test
9.5OOP-02, JSF-117_a PRQA QA-C++  Include PagePRQA QA-C++_VPRQA QA-C++_V
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-OOP51-a

Do not slice derived objects

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: OOP51-CPPChecks for object slicing (rule partially covered)
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V1054

3072

 

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding Standard

ERR61-CPP. Catch exceptions by lvalue reference
CTR56-CPP. Do not use pointer arithmetic on polymorphic objects 

SEI CERT C Coding Standard 

EXP34-C. Do not dereference null pointers

Bibliography

[Dewhurst 2002]Gotcha #38, "Slicing"
[ISO/IEC 14882-2014]Subclause 12.8, "Copying and Moving Class Objects"
[Sutter 2000]Item 40, "Object Lifetimes—Part I"

...


...